Correlating efficiently
|
|
- Hilary Barnett
- 6 years ago
- Views:
Transcription
1 Correlating efficiently Rob Block Lead Engineer, ArcSight Correlation
2 Agenda Introduction Filters Real time correlation Reporting Trends to rescue Q & A 2
3 Introduction
4 Correlating efficiently: Goals Understand performance impact of the content you author Choose between different ways to solve a problem based on efficiency If you must write costly (performance wise) content, how can you mitigate impact on the system How to troubleshoot content related performance problems 4
5 Rare resources Memory consumption Lot of memory where did it all go? CPU consumption Where are all the CPU cycles being spent? Database hits Who is making Oracle do so much work? 5
6 Filters
7 Filtering efficiently Filters: a double-edged sword Hit the database when used in reports/channels Consume CPU cycles when used in Rules Threat prioritization Data monitors Minimal memory consumption 7
8 Inefficient filter tree A global filter that restricts the view to events from interesting sources Hierarchically organized Global filter Matches filter Matches filter Matches filter Region 1 filter Region 2 filter Region 3 filter Location 1 filter srcadress=
9 A more efficient alternative Build an active list containing all the IP addresses Filter is simply an inactivelist condition Advantages Faster evaluation Easier to debug Disadvantage Can t use it in channels anymore but can use it in Query viewers Another alternative: Asset Modeling 9
10 Filter debugging Debug which filter condition is not satisfied by the event Example: A filter is being used in a rule, an expected event should trigger the rule Problem: Rule did not get triggered by the expected event 10
11 Filter debugging Solution: Debug which filter conditions did not match the event HP Confidential 11
12 Filter debugging Fix the filter condition that is failing Debug filter with the same event Rule should fire with this event now 12
13 Rules
14 Writing slim n fast rules Slim rules don t consume a lot of memory Things to watch out for Partial matches Selectivity of aliases Time window of the rule Grouping 14
15 Join rule: An example 15
16 Partial matches Partial matches are events that match one of the aliases of a join rule These events will be held up in memory waiting for events matching other aliases Time window determines how long they will be held in memory 16
17 Making peace with join rules Make sure that Individual aliases don t match a lot of events Time window is small, typically a few minutes Number of aliases are the absolute minimum needed for the use case Use Consume After Match Option on each alias whenever possible Use the event only once to fire a rule The event does not have to stay in Rules Engine for the whole time window after it produces a match Use this option to reduce the number of correlation events 17
18 Looking for partial matches 18
19 All operators are not created equal Case sensitive string operations are faster than the case insensitive ones Some of the costly operators InActiveList still far better than a join rule with a long time window HasVulnerability to check if an asset has a particular vulnerability MatchesFilter can be expensive depending on the filter Conditions on asset based variables Multiple conditions in AND/OR put the most costly operator at the end Use Global Variables if needed by multiple rules InActiveList String Operators HasVulnerability MatchesFilter Asset Variables 19
20 Lightweight rules New option while creating rules Enables a small set of features for faster and simpler rule processing Does not generate correlation or audit events (although failures are logged) 20
21 Lightweight rules - when to use Use when the rule is used for maintaining data in Active Lists and Session Lists Example A rule that maintains the DHCP or VPN Session List by starting and terminating sessions on receiving corresponding events A rule that maintains sum total of transaction amount per user per day in an Active List 21 21
22 Pre-persistence rules (ESM 5.5) Designed for event enrichment No correlation/audit event, aggregation Only action is SetEventField SetEventField actions processed prior to event persistence Enriched field values available to rules that are evaluated post-persistence 22
23 Pre-persistence rules - when to use Use when some calculated information needs to be persisted in events for later use in Reports, Channels etc. Example A rule that identifies user based upon information from multiple sources (E.g. DHCP, VPN, Static IP assignments etc.) The user information can be persisted for use in reports later (and avoid costly conditional joins in queries) 23 23
24 Data monitors
25 Resource utilization Main resource concerns are CPU and memory Non-event data monitors generally just gather and display content not very heavy Event-based data monitors can be heavy Time buckets Number of groups Time buckets and number of groups are directly related to the memory consumption From light to heavy Last state #groups Event graph #groups + node graph Reconciliation #groups * 2 Moving average, #groups * #buckets statistics, top value 25
26 What s a time bucket? Time buckets group events by time Time buckets are used for aging out the data Example: Bucket size = 300 (in seconds) # of buckets = 12 This means: (12 time buckets) * (5 minutes/bucket) = 1 hour of data Bucket size Age-out Time Now Age-in 26
27 Choosing time buckets Hard to estimate Tip: find out the time range for the data in which you are interested Choose bucket size to get enough data to be statistically significant Example: Calculating moving average over the last 1 hour 3600 time buckets 1 time bucket Bucket size = 1 second #of buckets = time buckets Bucket size = 300 seconds #of buckets = 12 Bucket size = 3600 seconds #of buckets = 1 27
28 Group by Number of groups adds to memory consumption Efficient grouping: event name, (address + port) Inefficient grouping: event ID, time, bytes in 28
29 Data monitor memory usage CapsManager Click on CapsManager and scroll way down to Arcsight:service=CapsManager, id=datamonitor Caps Manager 29
30 Always remember Choose the right type of data monitor Filter Restrict events as much as possible Data monitors process each event passed by the filter Have only those data monitors enabled that you need for better performance A single poorly configured data monitor can degrade manager performance Restrict who can edit data monitors Use data monitor deploy permission 30
31 Reports
32 Reports Query on indexed columns (Oracle) Query on small time ranges Querying on long time ranges for a value that s not indexed is going to be slooooooooooooooow Partial list of indexed columns End time Manager receipt time Source/destination address, port Event type Originator Customer Type/priority/generator All columns are indexed on CORRE 33
33 Which fields are indexed? 34
34 Performance tips and tricks Query on the ID field instead URI URI is derived from ID in almost all cases Watch out for variables Asset-based variables are heavier than time-based variables Keep string comparisons case sensitive Indexes are useless for case insensitive string operation Query on end time instead of manager receipt time Events are partitioned by end time, hence Oracle would know exactly which partition to scan 35
35 Reporting on report performance Audit events are generated whenever a report is run You can Find out the longest running reports How many reports are being run per day Notify when a report run takes longer than say 30 minutes 36
36 Trend reports
37 Trend reports Similar to scheduled queries Results of queries stored in database for further reporting and querying Results can be persisted for much longer than the events Especially useful if the result of a query is much smaller than the events processed by the query Much of the data and table management is done by the system 38
38 Trend report: Example Goal: print a set of 20 reports at the end of every month Example report Daily counts of events blocked by firewall in last month Problem Report takes few hours Enormous amount of data to be scanned for each report Re-running the report adds another few hours 39
39 Trend report: Example All the reports can be evaluated incrementally using trends Monthly query can be broken in several smaller daily queries (daily trend) The data will be stored in a trend table on daily basis Daily counts of events blocked by firewall in last day At the end of the month, the report can run on this daily trend 40
40 Event annotation performance enhancement Problem: Slow queries when large volume of event annotation data MySQL Turn on event.annotation.optimization.enabled to true, if false Default value is true Dynamic optimization using temporary table Approximately 12X-18X improvement from ESM 6.0c 41
41 MySQL sorting performance enhancement Problem: Excessive temporary file space used when sorting event data MySQL Use only the portion of event field that is required Use global/local variable and ArcSight SUBSTRING on Event field 42
42 Summary There are many technical ways to achieve the same business goal Every piece of content you write has a performance impact make an educated choice 43
43 Questions?
44 Please give me your feedback Session TB3012 Speaker Rob Block Please fill out a survey. Hand it to the door monitor on your way out. Thank you for providing your feedback, which helps us enhance content for future events. 45
45 Thank you
46
Deep Dive Into ArcSight ESM Rules
Deep Dive Into ArcSight ESM Rules Rob Block Sr. Software Engineer, Correlation Team September 2009 2009 ArcSight, Inc. All rights reserved. ArcSight and the ArcSight logo are trademarks of ArcSight, Inc.
More informationReduce security analysis time from hours to minutes by enriching your events Amit Khandekar, Sr. Solution Architect
Reduce security analysis time from hours to minutes by enriching your events Amit Khandekar, Sr. Solution Architect #HPProtect Security incident analysis flow and data required Incident analysis overview
More informationTuning HP ArcSight ESM prioritization
Tuning HP ArcSight ESM prioritization Beirne Konarski, Principal Consultant #HPProtect Priority What does the priority score mean? The priority helps you determine which events are most important to act
More informationAsset and network modeling in HP ArcSight ESM and Express
Asset and network modeling in HP ArcSight ESM and Express Till Jäger, CISSP, CEH EMEA ArcSight Architect, HP ESP Agenda Overview Walkthrough of asset modeling in ArcSight ESM More inside info about the
More informationKeeping your HP ArcSight connectors healthy
Keeping your HP ArcSight connectors healthy Tracy Barella Chief Services Strategist HP ArcSight Connector Health Agenda What is a Health? Health steps by ArcSight component Connectors Connector Appliances
More informationArcSight Activate Framework
ArcSight Activate Framework Petropoulos #HPProtect 44% Have trouble managing their SIEM eiqnetworks 2013 SIEM Survey #1 challenge Identification of key events SANS 2012 Log Management and Event Management
More informationHP HP0-M54. ArcSight ESM Security Analyst. Version: 4.0
HP HP0-M54 ArcSight ESM Security Analyst Version: 4.0 QUESTION NO: 1 Which statement is true about inline filters? A. An inline filter applies only to its current Active Channel. B. An inline filter applies
More informationManaging Data Resources
Chapter 7 OBJECTIVES Describe basic file organization concepts and the problems of managing data resources in a traditional file environment Managing Data Resources Describe how a database management system
More informationSecurity analytics: From data to action Visual and analytical approaches to detecting modern adversaries
Security analytics: From data to action Visual and analytical approaches to detecting modern adversaries Chris Calvert, CISSP, CISM Director of Solutions Innovation Copyright 2013 Hewlett-Packard Development
More informationArcSight priority formula
ArcSight priority formula Fred Thiele, Managing Principal, South Pacific @fgthiele #HPProtect Our journey The priority formula Let s understand the ins and outs Look at some examples Take advantage of
More informationState of Security Operations
State of Security Operations Roberto Sandoval / September 2014 Security Intelligence & Operations Consulting Founded: 2007 The best in the world at building state of the art security operations capabilities/cyber
More informationBoostMyShop.com Privacy Policy
BoostMyShop.com Privacy Policy BoostMyShop.corp ( Boostmyshop.com or the Site ) makes its extensions, services, and all Site content available to you subject to this Privacy Policy and its Terms of Service.
More informationREST access to ESM Web Services
REST access to ESM Web Services Dmitry Udalov, Sr. Software Engineer #HPProtect Forward-looking statements This is a rolling (up to three year) Roadmap and is subject to change without notice. This document
More informationNot your Father s SIEM
Not your Father s SIEM Getting Better Insights & Results Bill Thorn Director, Security Operations Apollo Education Group Agenda Why use a SIEM? What is a SIEM? Benefits of Using a SIEM Considerations Before
More informationDatabase Architectures
Database Architectures CPS352: Database Systems Simon Miner Gordon College Last Revised: 4/15/15 Agenda Check-in Parallelism and Distributed Databases Technology Research Project Introduction to NoSQL
More informationCopyright 2018, Oracle and/or its affiliates. All rights reserved.
Beyond SQL Tuning: Insider's Guide to Maximizing SQL Performance Monday, Oct 22 10:30 a.m. - 11:15 a.m. Marriott Marquis (Golden Gate Level) - Golden Gate A Ashish Agrawal Group Product Manager Oracle
More informationCSN15: Using ArcSight ESM for Malicious Domain Detection. Chris Watley Information Assurance Engineer US Government
CSN15: Using ArcSight ESM for Malicious Domain Detection Chris Watley Information Assurance Engineer US Government Agenda Problem defined Snort versus ArcSight ESM Rule creation Active lists Variables
More informationChapter 16: Advanced Security
: Advanced Security IT Essentials: PC Hardware and Software v4.0 1 Purpose of this Presentation To provide to instructors an overview of : List of chapter objectives Overview of the chapter contents, including
More informationData Warehouse Tuning. Without SQL Modification
Data Warehouse Tuning Without SQL Modification Agenda About Me Tuning Objectives Data Access Profile Data Access Analysis Performance Baseline Potential Model Changes Model Change Testing Testing Results
More informationTeradata. This was compiled in order to describe Teradata and provide a brief overview of common capabilities and queries.
Teradata This was compiled in order to describe Teradata and provide a brief overview of common capabilities and queries. What is it? Teradata is a powerful Big Data tool that can be used in order to quickly
More informationHow to ask the right questions about backup reporting products Lindsay Morris Product Architect
When the SRM Honeymoon s over How to ask the right questions about backup reporting products Lindsay Morris Product Architect The software honeymoon cycle 1. We need some help! Let s see what s out there.
More informationLotusScript Optimization:
LotusScript Optimization: Improving Application Reliability, Speed and the End User Experience By Teamstudio, Inc. Teamstudio, Inc. 900 Cummings Center Suite 326T Beverly MA, 01915 Phone: 800.632.9787
More informationManaging Data Resources
Chapter 7 Managing Data Resources 7.1 2006 by Prentice Hall OBJECTIVES Describe basic file organization concepts and the problems of managing data resources in a traditional file environment Describe how
More informationPolicy Compliance. Getting Started Guide. November 15, 2017
Policy Compliance Getting Started Guide November 15, 2017 Copyright 2011-2017 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks
More informationTop 10 use cases of HP ArcSight Logger
Top 10 use cases of HP ArcSight Logger Sridhar Karnam @Sri747 Karnam@hp.com #HPSecure Big data is driving innovation The Big Data will continue to expand Collect Big Data for analytics Store Big Data for
More informationMemory Allocation. Static Allocation. Dynamic Allocation. Dynamic Storage Allocation. CS 414: Operating Systems Spring 2008
Dynamic Storage Allocation CS 44: Operating Systems Spring 2 Memory Allocation Static Allocation (fixed in size) Sometimes we create data structures that are fixed and don t need to grow or shrink. Dynamic
More informationFile Structures and Indexing
File Structures and Indexing CPS352: Database Systems Simon Miner Gordon College Last Revised: 10/11/12 Agenda Check-in Database File Structures Indexing Database Design Tips Check-in Database File Structures
More informationScrutinizer Flow Analytics
Scrutinizer Flow Analytics TM Scrutinizer Flow Analytics Scrutinizer Flow Analytics is an expert system that highlights characteristics about the network. It uses flow data across dozens or several hundred
More informationDB2 SQL Class Outline
DB2 SQL Class Outline The Basics of SQL Introduction Finding Your Current Schema Setting Your Default SCHEMA SELECT * (All Columns) in a Table SELECT Specific Columns in a Table Commas in the Front or
More informationDatenbanksysteme II: Caching and File Structures. Ulf Leser
Datenbanksysteme II: Caching and File Structures Ulf Leser Content of this Lecture Caching Overview Accessing data Cache replacement strategies Prefetching File structure Index Files Ulf Leser: Implementation
More informationCisco Firepower NGIPS Tuning and Best Practices
Cisco Firepower NGIPS Tuning and Best Practices John Wise, Security Instructor High Touch Delivery, Cisco Learning Services CTHCRT-2000 Cisco Spark How Questions? Use Cisco Spark to communicate with the
More informationEnriching and Automating Fraud Response with HP ArcSight ESM
Enriching and Automating Fraud Response with HP ArcSight ESM TB3022 Ron Stamper, Regions Financial, Cybersecurity Engineer Josh Larkins, Malcovery Security, Sr Threat Intel Analyst Table of Contents Introduction
More informationExternal Sorting Implementing Relational Operators
External Sorting Implementing Relational Operators 1 Readings [RG] Ch. 13 (sorting) 2 Where we are Working our way up from hardware Disks File abstraction that supports insert/delete/scan Indexing for
More informationDatabase Architectures
Database Architectures CPS352: Database Systems Simon Miner Gordon College Last Revised: 11/15/12 Agenda Check-in Centralized and Client-Server Models Parallelism Distributed Databases Homework 6 Check-in
More informationPeak ETA Developers Guide
Oracle Business Intelligence 11g Peak ETA Developers Guide Antony Heljula / Paul Oprea January 2013 Peak Indicators Limited 2 Peak ETA Developers Guide Agenda About the Peak ETA Console About the Peak
More informationIBM Proventia Management SiteProtector Sample Reports
IBM Proventia Management SiteProtector Page Contents IBM Proventia Management SiteProtector Reporting Functionality Sample Report Index 2-25 Reports 26 Available SiteProtector Reports IBM Proventia Management
More informationWinning on Windows with a WiNC and a smile
Winning on Windows with a WiNC and a smile Vianney Boncorps Nanjoo Ban Forward-looking statements This is a rolling (up to three year) Roadmap and is subject to change without notice. This document contains
More informationPerformance Monitor Administrative Options
CHAPTER 12 Effective network management requires the fastest possible identification and resolution of events that occur on mission-critical systems. Performance Monitor administrative options enable you
More information<Insert Picture Here> DBA s New Best Friend: Advanced SQL Tuning Features of Oracle Database 11g
DBA s New Best Friend: Advanced SQL Tuning Features of Oracle Database 11g Peter Belknap, Sergey Koltakov, Jack Raitto The following is intended to outline our general product direction.
More informationCorreLog. SQL Table Monitor Adapter Users Manual
CorreLog SQL Table Monitor Adapter Users Manual http://www.correlog.com mailto:support@correlog.com CorreLog, SQL Table Monitor Users Manual Copyright 2008-2018, CorreLog, Inc. All rights reserved. No
More informationPerformance Monitoring
Performance Monitoring Performance Monitoring Goals Monitoring should check that the performanceinfluencing database parameters are correctly set and if they are not, it should point to where the problems
More informationI Want To Go Faster! A Beginner s Guide to Indexing
I Want To Go Faster! A Beginner s Guide to Indexing Bert Wagner Slides available here! @bertwagner bertwagner.com youtube.com/c/bertwagner bert@bertwagner.com Why Indexes? Biggest bang for the buck Can
More informationChapter 12: Query Processing
Chapter 12: Query Processing Overview Catalog Information for Cost Estimation $ Measures of Query Cost Selection Operation Sorting Join Operation Other Operations Evaluation of Expressions Transformation
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationCHAPTER. The Role of PL/SQL in Contemporary Development
CHAPTER 1 The Role of PL/SQL in Contemporary Development 4 Oracle PL/SQL Performance Tuning Tips & Techniques When building systems, it is critical to ensure that the systems will perform well. For example,
More informationData Retrieval Firm Boosts Productivity while Protecting Customer Data
Data Retrieval Firm Boosts Productivity while Protecting Customer Data With HEIT Consulting, DriveSavers deployed a Cisco Self-Defending Network to better protect network assets, employee endpoints, and
More informationSession 4112 BW NLS Data Archiving: Keeping BW in Tip-Top Shape for SAP HANA. Sandy Speizer, PSEG SAP Principal Architect
Session 4112 BW NLS Data Archiving: Keeping BW in Tip-Top Shape for SAP HANA Sandy Speizer, PSEG SAP Principal Architect Public Service Enterprise Group PSEG SAP ECC (R/3) Core Implementation SAP BW Implementation
More informationOracle Enterprise Manager Configuration Management Unleashed: Top 10 Expert Tips
Session # S316978 Oracle Enterprise Manager Configuration Management Unleashed: Top 10 Expert Tips Sudip Datta & Andy Oppenheim Enterprise Manager, Product Management Oracle Corporation Gregg Grimes Database
More informationPractical Lessons in Memory Analysis
Practical Lessons in Memory Analysis Krum Tsvetkov SAP AG Andrew Johnson IBM United Kingdom Limited GOAL > Learn practical tips and tricks for the analysis of common memory-related problems 2 Agenda >
More informationUnified Performance Management Solution. User Guide
Unified Performance Management Solution User Guide Copyright 2016 Colasoft. All rights reserved. Information in this document is subject to change without notice. No part of this document may be reproduced
More informationCSE 153 Design of Operating Systems
CSE 153 Design of Operating Systems Winter 18 Lecture 18/19: Page Replacement Memory Management Memory management systems Physical and virtual addressing; address translation Techniques: Partitioning,
More informationIt also performs many parallelization operations like, data loading and query processing.
Introduction to Parallel Databases Companies need to handle huge amount of data with high data transfer rate. The client server and centralized system is not much efficient. The need to improve the efficiency
More informationen October 2012
StruxureWare Building Operation WebStation Operating Guide 04-13009-01-en October 2012 StruxureWare Building Operation WebStation Operating Guide 04-13009-01-en October 2012 Copyright 2012 Schneider Electric.
More informationHPE Security ArcSight Reputation Security Monitor Plus (RepSM Plus)
HPE Security ArcSight Reputation Plus (RepSM Plus) Software Version: 1.6 RepSM Plus Solution Guide February 6, 2017 Legal Notices Warranty The only warranties for Hewlett Packard Enterprise products and
More informationSQL Tuning Reading Recent Data Fast
SQL Tuning Reading Recent Data Fast Dan Tow singingsql.com Introduction Time is the key to SQL tuning, in two respects: Query execution time is the key measure of a tuned query, the only measure that matters
More informationTransforming Security from Defense in Depth to Comprehensive Security Assurance
Transforming Security from Defense in Depth to Comprehensive Security Assurance February 28, 2016 Revision #3 Table of Contents Introduction... 3 The problem: defense in depth is not working... 3 The new
More informationContinuous Security. Improve Web Application Security by using Continuous Security Scans
Continuous Security Improve Web Application Security by using Continuous Security Scans 1 The world of software development has changed. Nowadays around 65% of software projects use agile development 1.
More informationVirtual Memory. Motivation:
Virtual Memory Motivation:! Each process would like to see its own, full, address space! Clearly impossible to provide full physical memory for all processes! Processes may define a large address space
More informationHow enterprises can use cyber threat information effectively? Shimon Modi,
How enterprises can use cyber threat information effectively? Shimon Modi, Ph.D. smodi@trustar.co @shimonmodi About Me 10+ years of Applied R&D experience in Information Security Currently @ TruSTAR Technology
More informationBank Reconciliation in Sage One 1
Bank Reconciliation in Sage One 1 Contents Introduction Introduction... 2 Your evolving role as the Sage One Accountant... 3 What are Bank Feeds?... 3 Cashbook and Accounting how bank reconciliation works
More informationManaging an Enterprise WLAN with Wireless Control System (WCS) BRKEWN-2011
Managing an Enterprise WLAN with Wireless Control System (WCS) BRKEWN-2011 Session Agenda WCS s Role in the Network Life Cycle of a Network Planning and Deploying a Network Monitoring a Network Tools and
More informationPolycom RealAccess, Cloud Edition
ADMINISTRATOR GUIDE January 2018 3725-47131-001E Polycom RealAccess, Cloud Edition Copyright 2017, Polycom, Inc. All rights reserved. No part of this document may be reproduced, translated into another
More informationOracle 1Z0-515 Exam Questions & Answers
Oracle 1Z0-515 Exam Questions & Answers Number: 1Z0-515 Passing Score: 800 Time Limit: 120 min File Version: 38.7 http://www.gratisexam.com/ Oracle 1Z0-515 Exam Questions & Answers Exam Name: Data Warehousing
More informationECS 165B: Database System Implementa6on Lecture 7
ECS 165B: Database System Implementa6on Lecture 7 UC Davis April 12, 2010 Acknowledgements: por6ons based on slides by Raghu Ramakrishnan and Johannes Gehrke. Class Agenda Last 6me: Dynamic aspects of
More informationMySQL for Database Administrators Ed 4
Oracle University Contact Us: (09) 5494 1551 MySQL for Database Administrators Ed 4 Duration: 5 Days What you will learn The MySQL for Database Administrators course teaches DBAs and other database professionals
More informationDBPLUS Performance Monitor for Oracle
DBPLUS Performance Monitor for Oracle User s Manual February 2016 UM-ORA-EN-R01 Table of contents 1 Introduction... 4 1.1 DBPLUS Technical Support... 5 1.2 System architecture... 5 1.3 System requirements...
More informationShadowserver reports automated tool
Shadowserver reports automated tool August 2016 Author: Viktor Janevski Supervisor(s): Sebastian Lopienski Stefan Lueders CERN openlab Summer Student Report 2016 Project Specification Every day, CERN receives
More informationComputer Graphics. Lecture 9 Hidden Surface Removal. Taku Komura
Computer Graphics Lecture 9 Hidden Surface Removal Taku Komura 1 Why Hidden Surface Removal? A correct rendering requires correct visibility calculations When multiple opaque polygons cover the same screen
More informationCOMP390 (Design &) Implementation
COMP390 (Design &) Implementation Phil (& Dave s) rough guide Consisting of some ideas to assist the development of large and small projects in Computer Science (and a chance for me to try out some features
More informationOptimizing Testing Performance With Data Validation Option
Optimizing Testing Performance With Data Validation Option 1993-2016 Informatica LLC. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording
More informationvcenter Hyperic Monitoring and Management Guide
vcenter Hyperic Monitoring and Management Guide vcenter Hyperic 5.8 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationAll about actors in HP ArcSight ESM Anurag Singla Sr. Manager, Software Development Sep 2012
All about actors in HP ArcSight ESM Anurag Singla Sr. Manager, Software Development Sep 2012 Forward-looking statements This is a rolling (up to three year) Roadmap and is subject to change without notice.
More informationHP ArcSight ESM. Software Version: 6.9.1c ESM 101
HP ArcSight ESM Software Version: 6.9.1c ESM 101 February 16, 2016 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying
More informationCopyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Network Modeling: A real world example Presented by: Don Slife Jarrod Echols
More informationStandard Content Guide
Standard Content Guide Express Express 4.0 with CORR-Engine March 12, 2013 Copyright 2013 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession,
More informationFive Common Myths About Scaling MySQL
WHITE PAPER Five Common Myths About Scaling MySQL Five Common Myths About Scaling MySQL In this age of data driven applications, the ability to rapidly store, retrieve and process data is incredibly important.
More informationOVERVIEW JICS ATTENDANCE REPORTING WITH COGNOS. Graceland University James M Mueller
OVERVIEW The Jenzabar Internet Campus Solution (JICS) provides educators a chance to record attendance data about their classes. By combining this information with CX Data, robust analysis can be done
More informationContents Contents Introduction Basic Steps in Query Processing Introduction Transformation of Relational Expressions...
Contents Contents...283 Introduction...283 Basic Steps in Query Processing...284 Introduction...285 Transformation of Relational Expressions...287 Equivalence Rules...289 Transformation Example: Pushing
More informationRECOFLEX. Reconciliation System. The Need. Need for Reconciliation. Overview of RecoFlex. RecoFlex Features
Reconciliation System Need for Reconciliation Reconciliation of high volumes of data Longer time to reconcile data High possibility of manual error Lot of paper work No connection between the data of the
More informationEvents in Oracle Eloqua
A Marketing Geek s Guide to: Events in Oracle Eloqua ABOUT THIS SERIES Oracle Eloqua is the most powerful marketing automation platform on the market. It has the ability to scale to the needs of the largest
More informationInterview Questions on DBMS and SQL [Compiled by M V Kamal, Associate Professor, CSE Dept]
Interview Questions on DBMS and SQL [Compiled by M V Kamal, Associate Professor, CSE Dept] 1. What is DBMS? A Database Management System (DBMS) is a program that controls creation, maintenance and use
More information$99.95 per user. SQL Server 2008 Integration Services CourseId: 158 Skill level: Run Time: 42+ hours (210 videos)
Course Description Our is a comprehensive A-Z course that covers exactly what you want in an SSIS course: data flow, data flow, and more data flow. You will learn about transformations, common design patterns
More informationReconciliation System
RECOLITE Reconciliation System Need for Reconciliation Reconciliation of high volumes of data Longer time to reconcile data High possibility of manual error Lot of paper work No connection between the
More informationIntroducing Cisco Network Assurance Engine
BRKACI-2403 Introducing Cisco Network Assurance Engine Intent Based Networking for Data Centers Sundar Iyer, Distinguished Engineer Head Cisco Network Assurance Engine Team Dhruv Jain, Director of Product
More informationHPE Intelligent Management Center
HPE Intelligent Management Center EAD Security Policy Administrator Guide Abstract This guide contains comprehensive information for network administrators, engineers, and operators working with the TAM
More informationSQLSaturday Sioux Falls, SD Hosted by (605) SQL
SQLSaturday 2017 Sioux Falls, SD Hosted by (605) SQL Please be sure to visit the sponsors during breaks and enter their end-of-day raffles! Remember to complete session surveys! You will be emailed a link
More informationAdvanced Topics on the Mirth Connect Interface Engine. July 6, 2016
Advanced Topics on the Mirth Connect Interface Engine July 6, 2016 You have been automatically muted. Please use the Q&A panel to submit questions during the presentation PRESENTER Nate Bessa Technical
More informationMcAfee Database Security
McAfee Database Security Sagena Security Day 6 September 2012 September 20, 2012 Franz Hüll Senior Security Consultant Agenda Overview database security DB security from McAfee (Sentrigo) VMD McAfee Vulnerability
More informationECEC 355: Cache Design
ECEC 355: Cache Design November 28, 2007 Terminology Let us first define some general terms applicable to caches. Cache block or line. The minimum unit of information (in bytes) that can be either present
More informationEMS WEB APP User Guide
EMS WEB APP User Guide V44.1 Last Updated: August 14, 2018 EMS Software emssoftware.com/help 800.440.3994 2018 EMS Software, LLC. All Rights Reserved. Table of Contents CHAPTER 1: EMS Web App User Guide
More informationANNOYING COMPUTER PROBLEMS
ANNOYING COMPUTER PROBLEMS And their solution Before you do this to your computer read this information. Feel free to print it out. This will make it easier to reference. Table of Contents 1. Computer
More informationTroubleshooting Performance Issues with Enterprise Geodatabases. Ben Lin, Nana Dei, Jim McAbee
Troubleshooting Performance Issues with Enterprise Geodatabases Ben Lin, Nana Dei, Jim McAbee blin@esri.com ndei@esri.com jmcabee@esri.com Workshop Agenda Performance Troubleshooting (Then & Now) Real-World
More informationB.H.GARDI COLLEGE OF ENGINEERING & TECHNOLOGY (MCA Dept.) Parallel Database Database Management System - 2
Introduction :- Today single CPU based architecture is not capable enough for the modern database that are required to handle more demanding and complex requirements of the users, for example, high performance,
More informationMobile County Public School System Builds a More Secure Future with AMP for Endpoints
Mobile County Public School System Builds a More Secure Future with AMP for Endpoints Cisco AMP for Endpoints met our needs from all security standpoints. We re seeing more and AMP is catching things that
More informationCopyright 2012, Oracle and/or its affiliates. All rights reserved.
1 Oracle Partitioning für Einsteiger Hermann Bär Partitioning Produkt Management 2 Disclaimer The goal is to establish a basic understanding of what can be done with Partitioning I want you to start thinking
More informationvfabric Hyperic Monitoring and Management
vfabric Hyperic Monitoring and Management VMware vfabric Hyperic 5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationAdvanced Database Systems
Lecture IV Query Processing Kyumars Sheykh Esmaili Basic Steps in Query Processing 2 Query Optimization Many equivalent execution plans Choosing the best one Based on Heuristics, Cost Will be discussed
More informationUsing Electronic P-Card Reallocations
Using Electronic P-Card Reallocations A SIGNED P-Card Reallocation Log MUST be attached to each reallocation entered, otherwise the entry will be reject by Accounting Services and will NOT be processed.
More informationManjunath Subburathinam Sterling L2 Apps Support 11 Feb Lessons Learned. Peak Season IBM Corporation
Manjunath Subburathinam Sterling L2 Apps Support 11 Feb 2014 Lessons Learned Peak Season Agenda PMR Distribution Learnings Sterling Database Miscellaneous 2 PMR Distribution Following are the areas where
More informationHow am I going to skim through these data?
How am I going to skim through these data? 1 Trends Computers keep getting faster But data grows faster yet! Remember? BIG DATA! Queries are becoming more complex Remember? ANALYTICS! 2 Analytic Queries
More information